by bert64 1199 days ago
Not at all, your "local" network is the link-local address space, which legacy IP has no analog of. The link-local space cannot be routed either intentionally or accidentally.

RFC1918 address space IS routable, it just doesn't have a global route. There is nothing to stop devices adjacent to your WAN interface (i.e. other customers) from manually adding a route to your RFC1918 address space via your firewall. Will that traffic be allowed? That depends on the device and its configuration. Have you ever tested this scenario? Probably not.

NAT is a hack to get around a shortage of address space, nothing more. Once the shortage is gone there's no more need for NAT. That's why although NAT with IPv6 is possible, it's very rarely used because you no longer have any valid reason to use it. If you think there are any other reasons to use NAT then you need to brush up on your network knowledge because a lot of smarter people than you or I are saying to avoid NAT and designing systems (e.g. IPv6) to fix the problems it causes.

US government advice is to avoid the use of NAT because of the extra complexity it introduces, which actually reduces security:

https://media.defense.gov/2023/Jan/18/2003145994/-1/-1/0/CSI...
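
The forwarding question raised in the comment above, as an added example that is not part of the original comment: an nftables ruleset for a Linux router, showing that the masquerade rule alone filters nothing and that a separate stateful forward chain is what decides whether WAN-side traffic to RFC1918 destinations gets through. The interface names `wan0` and `lan0` are assumptions.

```nftables
# Added example, not from the original comment.
# Assumed interface names: wan0 (upstream), lan0 (RFC1918 LAN).

# --- NAT only (weak) ---------------------------------------------------
# This table rewrites source addresses on the way out. It contains no
# filtering. If it is the only table loaded and IP forwarding is on,
# the forward hook has no chain, so a NEW packet arriving on wan0 with a
# destination inside the LAN prefix is routed to lan0 like any other.
table ip nat {
    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        oifname "wan0" masquerade
    }
}

# --- Stateful forward filter (corrected) -------------------------------
# Loaded in addition to the NAT table above. Default-deny, then allow
# only LAN-initiated flows and their replies.
table inet filter {
    chain forward {
        type filter hook forward priority filter; policy drop;

        # Replies to LAN-initiated connections. This must come first:
        # conntrack has already reversed the NAT by the time the forward
        # hook runs, so replies carry an RFC1918 destination here too.
        ct state established,related accept
        ct state invalid drop

        # New connections from the LAN out to the WAN.
        iifname "lan0" oifname "wan0" accept

        # Unsolicited WAN-side packets addressed to private space.
        # The policy would drop them anyway; the explicit rule adds a
        # counter so attempts show up in `nft list ruleset`.
        iifname "wan0" ip daddr { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 } counter drop
    }
}
```

The same default-deny forward chain applies unchanged to a routed IPv6 prefix with no NAT, since it keys on connection state and interface rather than on address translation.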